Vulnerability CVE-2018-1124


Published: 2018-05-23

Description:
procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Procps-ng Multiple Vulnerabilities
Qualys Corporati...
31.05.2018

Type:

CWE-190

(Integer Overflow or Wraparound)

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Redhat -> Enterprise linux 
Redhat -> Enterprise linux desktop 
Redhat -> Enterprise linux server 
Redhat -> Enterprise linux workstation 
Debian -> Debian linux 
Canonical -> Ubuntu linux 

 References:
http://seclists.org/oss-sec/2018/q2/122
http://www.securityfocus.com/bid/104214
http://www.securitytracker.com/id/1041057
https://access.redhat.com/errata/RHSA-2018:1700
https://access.redhat.com/errata/RHSA-2018:1777
https://access.redhat.com/errata/RHSA-2018:1820
https://access.redhat.com/errata/RHSA-2018:2267
https://access.redhat.com/errata/RHSA-2018:2268
https://access.redhat.com/errata/RHSA-2019:1944
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1124
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
https://kc.mcafee.com/corporate/index?page=content&id=SB10241
https://lists.debian.org/debian-lts-announce/2018/05/msg00021.html
https://security.gentoo.org/glsa/201805-14
https://usn.ubuntu.com/3658-1/
https://usn.ubuntu.com/3658-2/
https://www.debian.org/security/2018/dsa-4208
https://www.exploit-db.com/exploits/44806/
https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt

Copyright 2024, cxsecurity.com

 

Back to Top